m THE CLAIMS: 



Pl ea se amend claims 1# 2, 3# 4/ 6# 7, 13, 14, 
Keep claims 5 and 11, as-is. 
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1. (Currently Amended) A system for enabling asynchronous 
authentication of a non-preauthenticated client-User ntftanfr in a 
Kerberos domain servicing multiple requesting non-preauthenticated 
clients while eliminating any delays due to multiple concurrent 
authentication requests, said system comprising: 

(a) client-User means (10) for requesting 
authentication from a specialized client-server means 
(13); 

(b) said specialized client-server means (13) for 
c ommuni cating with a Kerberos server means (20) for 
developing a specific set of credentials for each 
client requesting authentication [ [ ; ] ] said specialized 
client server means utilizing a Unisys ClearPath 
server; 

(c) said Kerberos server means (20) for developing an 
asynchronous authentication response and a Ticket 
Granting Service to said client-server means (13). 
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2. (Currently Amended) The system of Claim 1 wherein said client- 
User means (10) includes: 

(al) multiple client-Users who may concurrently 
seek authorization to utilize said specialized 
client - server [[.] ] means. 
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3. (Currently Amended) The system of claim 1 wherein said Kerberos 
server means (20) includes: 

(cl) means to return an aut hent ication response to 
said specialized client-server means; 

( C 2) means to return a Ticket Granting Service 
signal to said specialized client-server means. 
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4 . (Currently a mended ) The system of claim 1 wherein said 
specialized client-server means includes: 

(bl) communication means (H&RC40, C0S9S42) for 
exchanging Information between a requesting 
principal or client-User, a Master Control 
Program, a General Security Service Library 
(6SS38), and a Kerberos Support Library (KSL34); 

(b2) said Master Control Program (60) for 
controlling said communication means, said General 
Security Service Library and said Kerberos Support 
Library (34); 

(b3) said General Security Service Library (GSS38) 
providing multiple threads for handling multiple 
concurrent requests for authentication; 

(b4) said Kerberos Support Library (34) for 
developing and storing specific aut h en t ication 
credentials for each validated client-User 
authentication request* 
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5. (Orig ina l) The system of claim 4 w herei n said Kerberos Support 
Library (34) includes: 

(b4a) means for accessing said Kerberos 
Server means (20) to acquire an 
authentication response and a Ticket Granting 
Service* 
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6. (Currently Amended) A secure message transmission system in a 
Kerberos environment which permits a client -user to operate in a 
network for authentication request transmittal and message 
response without suspending client service when a Kerberos Server 
(20) has not yet responded to an earlier request for an 
authentication message code signal, said system comprising: 

(a) client-terminal means (10) to indicate an original 
request for validation of an authentication message 
signal from a Kerberos Server (20); 

(b) specialized Unisys ClearPath server means having 
program means (MARC 40 and COMS 42), under control of a 
Master Control Program (MCP60) , for transmitting 
requests for service to a Kerberos Support Library 
(34) , a General Security Service Library (38) and to 
said Kerberos Server (20) for the return of an 
authentication response message to said client terminal 
means (10) from cr ed ential information placed in said 
General Security Service Library [ [; ]] of said 
specialized server means; 

(c) means for enabling said Kerberos Support Library 
(34) to elicit authentication information and Ticket 
Granting Service from said Kerberos Server (20) for 
deposit as validating credential data in said General 
Security Service Library (38) • 
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7. (Currently Amended) A method for asynchronous authentication of 
a non-preauthenticated originating terminal in a Kerberos domain, 
said authentication occurring without delay due to oth e r 
concurrent requests for authentication by other terminals such as 
client-Users and principals, said method comprising the steps of: 

(a) originating a request, to a specialized Unisys 
dearPath client-server, for authentication by a non- 
preauthenticated terminal and including the step of: 

(al) originating concurrent multiple requests for 
authentication from multiple client-Users and 
principals; 

(b) processing said originating request and other 
ori ginat ing requests concurrently and including the 
steps of: 

(bl) developing a set of identifying credentials 
for said originating terminal and including the 
steps of: 

(bla) requesting, via a communication means 
(MARC 40, C0M942), under control of a Blaster 
Control Program (MCP60) , a Kerberos Support 
Library (34), and a Kerberos Server (20)^ for 
credentials and a session key; 

(bib) creating a credential structure by 
said Kerberos Support Library (34) to 
identify said originating terminal and 
provide a Ticket Granting Service; 
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(blc) generating/ by a General Security 
Service Library (6SS 38), [[OF]] of A Bane- 
Handle and 6SS Credential Tag that identifies 
the originating terminal to said GSS (38) and 
to said Kerberos Support Library (34); 

(bid) generating a message, by said Kerberos 
Support Library (34) , to inform said 
communication means (MARC 40, COMS42) that 
the Kerberos authentication cycle has been 
successfully completed; 

(b2) asynchronously validating said originating 
terminal for use of a Kerberos domain; 

(c) responding back asynchronously by said specialized 
dearPath client-server to authenticate the validity of 
said original requesting terminal without any delays 
due to other concurrent requests for authentication 
which includes the step of: 

(cl) utilizing said communication means (MAFC 40, 
C0MS42) to transmit an authentication signal from 
a Kerberos Support Library (34) to said 
originating terminal. 
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8. (Cancelled). 

9 . (Cancelled) . 

10. (Cancelled). 
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11 • (Previously Amended) The method of claim 7 wherein stesp (bl) 
includes the steps of: 



( llbla ) processing concurrent 

authentication requests via multi- 
threaded processing means to develop a 
specific credential for each originating 
terminal; 

( llblb) conveying a completed 
authentication request to said Kerberos 
Support Library (34) and said 
communication means (MARC 40, C0MS42) * 
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12 . (Cancelled) . 
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13. (Currently amended) In a network wherein multiple client- 
terminals communicate with a specialized Unisys ClearPath client- 
server m=>a™F (13), having a Kerberos Support Library (34), and 
[[communicate]] comma i eating with a communications means (MARC 
40, CGMS 42), a General Security Service Library (38) and said 
specialized client-server means for accessing response 
Information from a Kerberos server (20), a met hod for enabling a 
requesting client-terminal to receive an authentication response 
message asynchronously from said Kerberos Server (20) comprising 
the steps of: 

(a) initiating an authentication command request by a 
requesting client-terminal; 

(b) utilizing said specialized client-server means as a 
communication management system, under control [[at]] 
of a master Control Program (HCP60), using a 
communication means having a communication management 
program (CONS 42) and menu assisted resource control 
program (MARC 40) to communicate said authentication 
command request to said Kerberos Server (20) via said 
Kerberos Support Library (34) and to receive a Kerberos 
response message for credential processing by said 
General Security Services Library (38) which is then 
conveyed by said communication means (40, 42) to said 
requesting client-terminal. 
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14 • (Currently amended) The method of claim 13 which includes the 
step of: 

(c) Ter minat ing the session between said client- 
terminal (10) and said Kerberos Support Library (34) 
on ce the authentication request response has been 
transmitted from said General Security Library (38) , 
thus allowing said specialized client-server means 

(13) to process other authentication requests. 
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15. (Currently Amended) The method of claim 13 wherein step (b) 

includes the step of: 

(bl) i ni tiat ing an error message by said Kerberos 
Support Library (34) when a failure in 
authentication has been recognized; 

(b2) requesting, via said error message, that said 
requesting client-terminal [[(b)]] should initiate 
a log-on. 
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